You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.
Class: Aws::CognitoIdentity::Types::RoleMapping
- Inherits:
-
Struct
- Object
- Struct
- Aws::CognitoIdentity::Types::RoleMapping
- Defined in:
- (unknown)
Overview
When passing RoleMapping as input to an Aws::Client method, you can use a vanilla Hash:
{
type: "Token", # required, accepts Token, Rules
ambiguous_role_resolution: "AuthenticatedRole", # accepts AuthenticatedRole, Deny
rules_configuration: {
rules: [ # required
{
claim: "ClaimName", # required
match_type: "Equals", # required, accepts Equals, Contains, StartsWith, NotEqual
value: "ClaimValue", # required
role_arn: "ARNString", # required
},
],
},
}
A role mapping.
Instance Attribute Summary collapse
-
#ambiguous_role_resolution ⇒ String
If you specify Token or Rules as the
Type
,AmbiguousRoleResolution
is required. -
#rules_configuration ⇒ Types::RulesConfigurationType
The rules to be used for mapping users to roles.
-
#type ⇒ String
The role mapping type.
Instance Attribute Details
#ambiguous_role_resolution ⇒ String
If you specify Token or Rules as the Type
, AmbiguousRoleResolution
is required.
Specifies the action to be taken if either no rules match the claim
value for the Rules
type, or there is no cognito:preferred_role
claim and there are multiple cognito:roles
matches for the Token
type.
Possible values:
- AuthenticatedRole
- Deny
#rules_configuration ⇒ Types::RulesConfigurationType
The rules to be used for mapping users to roles.
If you specify Rules as the role mapping type, RulesConfiguration
is
required.
#type ⇒ String
The role mapping type. Token will use cognito:roles
and
cognito:preferred_role
claims from the Cognito identity provider token
to map groups to roles. Rules will attempt to match claims from the
token to map to a role.
Possible values:
- Token
- Rules